Consider the exit family when applying guard restrictions.

When the new path selection logic went into place, I accidentally dropped the code that considered the _family_ of the exit node when deciding if the guard was usable, and we didn't catch that during code review. This patch makes the guard_restriction_t code consider the exit family as well, and adds some (hopefully redundant) checks for the case where we lack a node_t for a guard but we have a bridge_info_t for it. Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2016-006 and CVE-2017-0377.
author: Nick Mathewson <nickm@torproject.org> 2017-06-28 11:41:50 -0400
committer: Nick Mathewson <nickm@torproject.org> 2017-06-29 09:57:00 -0400
commit: 665baf5ed5c6186d973c46cdea165c0548027350 (patch)
tree: b079326e84dd888dcea50f7192e5ccf319579f48 /changes
parent: a242d194c74b318b8ee4b347efd09ed13d0d2549 (diff)
download: tor-665baf5ed5c6186d973c46cdea165c0548027350.tar.gz
tor-665baf5ed5c6186d973c46cdea165c0548027350.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/changes/bug22753 b/changes/bug22753
new file mode 100644
index 0000000000..32a6dfa56c
--- /dev/null
+++ b/changes/bug22753
@@ -0,0 +1,7 @@
+  o Major bugfixes (path selection, security):
+    - When choosing which guard to use for a circuit, avoid the
+      exit's family along with the exit itself. Previously, the new
+      guard selection logic avoided the exit, but did not consider
+      its family.  Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked
+      as TROVE-2016-006 and CVE-2017-0377.
+
author	Nick Mathewson <nickm@torproject.org>	2017-06-28 11:41:50 -0400
committer	Nick Mathewson <nickm@torproject.org>	2017-06-29 09:57:00 -0400
commit	665baf5ed5c6186d973c46cdea165c0548027350 (patch)
tree	b079326e84dd888dcea50f7192e5ccf319579f48 /changes
parent	a242d194c74b318b8ee4b347efd09ed13d0d2549 (diff)
download	tor-665baf5ed5c6186d973c46cdea165c0548027350.tar.gz tor-665baf5ed5c6186d973c46cdea165c0548027350.zip